Creating Network/Mobile Accounts with Local Homes

Creating Network/Mobile Accounts with Local Homes

Configuring a workstation to use a network or mobile account is beneficial in environments where administrators wish to manage authentication from a central server, utilize single-sign-on, or improve security by enforcing a password expiration policy. There is a significant difference between a network and a mobile account.

Network accounts must have a persistent connection to the directory server. This is suitable for desktops that permanently reside in the office.

Mobile accounts retains the ability to function while traveling and do not require a persistent connection to the directory server. Mobile accounts are intended for notebook users, although they can be used by anyone. Mobile accounts also offer the ability to sync with a home folder on the network. However, this practice has been largely discontinued because it does not work well. (The end-user receives many notifications regarding files that cannot be synced, and this creates an influx of support requests and a rise in end-user frustration.)

A solution that we use and recommend is to implement mobile accounts with syncing disabled. This provides the benefits of central authentication along with the ability for single-sign-on and password expiration enforcement, and it avoids the pitfalls of network syncing. We then recommend the use of something like CrashPlan PROe to ensure user data is automatically backed up (rather than rely on end-users — and horribly implemented file syncing — to ensure files are safe). To get started, follow the appropriate instructions below related to your directory structure or contact us to have Robot Cloud automate the binding process. We also recommend reading these related articles: